From a8e1f9e775c575a4ac1d0d2aa946dbf0e765e031 Mon Sep 17 00:00:00 2001
From: Dmitry Ilvokhin <d@ilvokhin.com>
Date: Sun, 26 May 2024 19:26:04 +0100
Subject: Move sysctl net forwarding to separate role

---
 roles/netfwd/tasks/main.yml |  9 +++++++++
 roles/wgnet/meta/main.yml   |  1 +
 roles/wgnet/tasks/main.yml  | 10 ----------
 3 files changed, 10 insertions(+), 10 deletions(-)
 create mode 100644 roles/netfwd/tasks/main.yml

diff --git a/roles/netfwd/tasks/main.yml b/roles/netfwd/tasks/main.yml
new file mode 100644
index 0000000..47e389a
--- /dev/null
+++ b/roles/netfwd/tasks/main.yml
@@ -0,0 +1,9 @@
+- name: Configure IPv4 and IPv6 packet forwarding
+  ansible.builtin.sysctl:
+    name: '{{ item }}'
+    value: '1'
+    sysctl_set: true
+  loop:
+    - net.ipv4.ip_forward
+    - net.ipv4.conf.all.forwarding
+    - net.ipv6.conf.all.forwarding
diff --git a/roles/wgnet/meta/main.yml b/roles/wgnet/meta/main.yml
index 45ed5d7..aede5ad 100644
--- a/roles/wgnet/meta/main.yml
+++ b/roles/wgnet/meta/main.yml
@@ -1,2 +1,3 @@
 dependencies:
+  - role: netfwd
   - role: wireguard
diff --git a/roles/wgnet/tasks/main.yml b/roles/wgnet/tasks/main.yml
index c776a84..9156fde 100644
--- a/roles/wgnet/tasks/main.yml
+++ b/roles/wgnet/tasks/main.yml
@@ -1,13 +1,3 @@
-- name: Configure IPv4 and IPv6 packet forwarding
-  ansible.builtin.sysctl:
-    name: '{{ item }}'
-    value: '1'
-    sysctl_set: true
-  loop:
-    - net.ipv4.ip_forward
-    - net.ipv4.conf.all.forwarding
-    - net.ipv6.conf.all.forwarding
-
 - name: Configure WireGuard for wgnet
   ansible.builtin.template:
     src: templates/wg0.conf.j2
-- 
cgit v1.2.3-70-g09d2